package com.itheima.web;


import com.baomidou.mybatisplus.core.metadata.IPage;
import com.itheima.bean.Employee;
import com.itheima.common.R;
import com.itheima.common.pageParm;
import com.itheima.service.employeeService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.util.DigestUtils;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpSession;
import java.time.LocalDateTime;

@RequestMapping("/employee")
@RestController
public class EmployeeController {

    @Autowired
    private employeeService es;

    @PostMapping("/login")
    public R login(@RequestBody Employee employee, HttpSession session) {

        Employee loginEmployee = es.login(employee);


        if (loginEmployee != null) {

            session.setAttribute("employee", loginEmployee);
            return R.success(loginEmployee);
        } else {
            return R.error("登录失败");
        }


    }


    @PostMapping("/logout")
    public R logout(HttpSession session) {

        try {
            //把登录成功的时候，保存的员工数据给删除掉
            //session.removeAttribute("employee");

            //直接把session给干掉
            session.invalidate();

            return R.success("退出成功！");
        } catch (Exception e) {
            e.printStackTrace();
            return R.error("退出失败！");
        }

    }

    @PreAuthorize("hasRole('ADMIN')")
    @PostMapping
    public R add(@RequestBody Employee employee, HttpSession session) {

        System.out.println(employee);
        //补充数据库中其他的用户没有填写的数据
        employee.setPassword(DigestUtils.md5DigestAsHex("123456".getBytes()));// 设置初始密码： 123456
        //employee.setCreateTime(LocalDateTime.now()); // 设置创建时间
        employee.setStatus(1); // 设置状态： 1表示启用， 0 表示禁用
        //employee.setUpdateTime(LocalDateTime.now()); //设置更新时间
        Employee e = (Employee) session.getAttribute("employee");
        employee.setCreateUser(e.getId()); // 设置创建的用户
        employee.setUpdateUser(e.getId()); // 设置更新的用户


        int row = es.insert(employee);

        if (row > 0) {
            //成功用data存
            return R.success("添加成功");
        } else {
            //失败用msg存
            return R.error("添加失败");
        }
    }


    @GetMapping("/page")
    public R findpage(pageParm pageParm) {

        IPage<Employee> iPage = es.findPage(pageParm);

        return R.success(iPage);
    }

    @PutMapping
    public R update(@RequestBody Employee employee, HttpSession session) {

        employee.setUpdateTime(LocalDateTime.now());


        //当设置了springsecurity的时候需要改变得到employ对象的方式，不再是登录进来的session存储的了
        //应该用SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        //Employee e = (Employee) session.getAttribute("employee");
        Employee e = (Employee) SecurityContextHolder.getContext().getAuthentication().getPrincipal();

        employee.setUpdateUser(e.getId());


        int row = es.update(employee);

        if (row > 0) {
            return R.success("更新成功！");
        } else {
            return R.error("更新失败！");
        }
    }
}
